Woocommerce Multiple Free Gift
Approved changes feed: RSS · Atom
cpe:2.3:a:ankitpokhrel:woocommerce_multiple_free_gift:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ankitpokhrel (22a686eb-932d-5977-aec9-ee75622c7802) |
|---|---|
| Product | Woocommerce Multiple Free Gift (6c8ac1fd-d569-5104-953f-a8a8fbad2767) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-3459 |
vulnerable | 2026-06-08 05:48:21.105286 |
WooCommerce Multiple Free Gift <= 1.2.3 - Insufficient Server-Side Validation to Arbitrary Gift Adding
MEDIUM (5.3)
The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all versions up to, and including, 1.2.3. This is due to plugin not enforcing server-side checks on the products that can be added as a gift. This makes it possible for unauthenticated attackers to add non-gift items to their cart as a gift.
Published: 2024-09-14T02:04:19.287Z
Updated: 2026-04-08T17:24:12.822Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.